Mole is an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. The Mole uses a command based interface, allowing the user to indicate the action he wants to perform easily. The CLI also provides auto-completion on both commands and command arguments, making the user type as less as possible.

Features

Support for Mysql, Postgres, SQL Server and Oracle.

Automatic SQL injection exploitation using union technique.

Automatic blind SQL injection exploitation.

Exploits SQL Injections through GET and POST methods.

Support for query filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily.